ABSTRACT
Pervasive Environments (PE) collect and process a massive amount of person-related and sensitive information. Data collected by a single sensor is in most cases not adequate to provide premium services. Rather, the information gathered must be combined to offer real benefits. The fused data must be secured by access controls to ensure the privacy of the users and, with it, their trust in PE. This work proposes an Object-oriented World Model (OOWM) as a central information source that is filled with information collected from intelligent sensors and can be accessed and manipulated by smart application devices. It is shown how privacy can be enforced in such a centralized component. Privacy requirements must be specified and enforced. In particular, conflicts between different requirements, e.g., user- and operator-specific policies, are an open issue. Existing approaches for specification and enforcement of access controls are discussed. An XACML-based approach for privacy in PE is shown and an algorithm for combining privacy policies is presented.
Index Terms
- Access controls for privacy protection in pervasive environments